Limit Domain name

I wanted to ask a question about the ondemand TLS.

{
    on_demand_tls {
        ask      http://localhost:5000/domains
        interval 2m
        burst    5
    }
}

I want to limit on-demand TLS to only provision certs for valid customers’ domains. I understand I have to use the ask directive. Please, is there any sample of how the domains returned should be structured, is it an array or object? Kindly assist

Caddy makes a GET request to your ask endpoint. It will add a query param called domain and put the requesting domain as the value. Caddy expects a 200 status back to issue the TLS cert. Anything else will reject the certificate issuance.

So if your ask is https://myservice.com/check, caddy will make a call to it like so: https://myservice.com/check?domain=customerdomain.com and expect a 200 back if your service approves it.

1 Like

awesome, thank you